Oh, ok. >From the user's error message it looked to me like bin/solr was making an admin/info/system call from bash, but it must be something else.
On Fri, Dec 20, 2019 at 6:28 AM Jan Høydahl <jan....@cominvent.com> wrote: > > No, I doubt that bin/solr support would do more than just wire in a simple > initial JWT config, with some default Rule-based config. > > Jan > > > 17. des. 2019 kl. 16:42 skrev Jason Gerlowski <gerlowsk...@gmail.com>: > > > > Hey Jan, > > > > Is this a case of something that'd be fixed by > > https://issues.apache.org/jira/browse/SOLR-13071 ? > > > > Just wondering > > > > Best, > > Jason > > > > On Thu, Dec 12, 2019 at 5:43 PM Jan Høydahl <jan....@cominvent.com> wrote: > >> > >> Try something like this > >> https://gist.github.com/b330e1bea7842bcdc1e5fa3940b4a4f7 > >> <https://gist.github.com/b330e1bea7842bcdc1e5fa3940b4a4f7> > >> > >> The trick is to «whitelist» certain paths that will not require auth, but > >> then further down add rules to block all other paths either as admin role > >> or with special role *»* which means «any authenticated user». > >> > >> Jan > >> > >>> 12. des. 2019 kl. 07:47 skrev Lakhan Gupta > >>> <lakhan.gu...@infogain.com.INVALID>: > >>> > >>> Hi, > >>> > >>> Using solr 8.1.1 version and facing problem while enabling jwt > >>> authentication in solr. Jwt authentication is working fine after > >>> configuring security.json file. Below is the configuration I am using for > >>> enabling jwt authentication. > >>> > >>> Security.json > >>> > >>> { > >>> "authentication":{ > >>> "blockUnknown": false, > >>> "class":"solr.JWTAuthPlugin", > >>> "jwk":{ > >>> "kty":"oct", > >>> "use":"sig", > >>> "kid":"k1", > >>> > >>> "k":"7A02618BE6943C22FD81CAB9F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79", > >>> "alg":"HS256"}, > >>> "aud":"solr"}, > >>> "authorization":{ > >>> "class":"solr.RuleBasedAuthorizationPlugin", > >>> "permissions":[ > >>> { > >>> "name":"all", > >>> "path":"/*", > >>> "role":"admin" > >>> } > >>> ], > >>> "user-role":{ > >>> "solr":"admin" > >>> } > >>> } > >>> } > >>> > >>> Using secret key > >>> 7A02618BE6943C22FD81CAB9F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79 > >>> > >>> Jwt token is generated: > >>> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZCIsImF1ZCI6InNvbHIiLCJleHAiOjk5MTYyMzkwMjJ9.M4PksJTJ9gFjOlvvFmG1eDSyXDtKIRSGIYicIW9hwT4 > >>> > >>> Below header and payload I'm using for generate jwt token : > >>> > >>> The header is > >>> { > >>> "alg": "HS256", > >>> "typ": "JWT" > >>> } > >>> > >>> and the payload is > >>> > >>> { > >>> "sub": "admin", > >>> "aud": "Solr", > >>> "exp": 9916239022 > >>> } > >>> > >>> With above configuration my jwt authentication is working fine. But there > >>> is a problem when request is sent without authentication in header the > >>> api still retrieving data. I want to prevent it when request come without > >>> authentication header. > >>> > >>> For that, I've enabled blockUnknown parameter in security.json file. That > >>> works fine and authentication request is required. But, after enabling > >>> blockunknown parameter I am facing below exception while starting solr > >>> using solr start command. > >>> > >>> > >>> ERROR: Solr requires authentication for > >>> http://localhost:8983/solr/admin/info/system. Please supply valid > >>> credentials. HTTP code=401 > >>> > >>> I've googled a lot and find out > >>> > >>> solr/admin/info/system endpoint required authentication. > >>> > >>> How to authenticate solr/admin/info/system endpoint while startup solr? > >>> > >>> Need urgent help. I'd appreciate if someone can help me. > >>> > >>> Thanks > >>> Lakhan Gupta > >>> > >>> > >>> > >>> The information in this email is confidential and may be legally > >>> privileged. It is intended solely for the addressee and access to it by > >>> anyone else is unauthorized. If you are not the intended recipient, any > >>> disclosure, copying, distribution or any action taken or omitted to be > >>> taken based on it, is strictly prohibited and may be unlawful. > >> >
